Skip to main content

Decentralized IDs

Introduction to DIDs

Decentralized IDs (DIDs) are similar to other identifiers, with the exception that, as the name suggests, they're not controlled or issued by a centralized authority.

Most of the identifiers we commonly rely on, somebody else typically issued us with the identifier or has control over the identifier and the systems that make the identifier useful, whether that's a phone number, an email address from a service like Gmail, or a username on Facebook. In one way or another we're relying on the third party that has control of the centralized systems the identifier is associated with for it's continued usefulness. Even an email addresses that's associated with domain names you own are still dependent to some extent on the domain name registrar.

The W3C standard for DIDs describes DIDs as being decentralized with no central issuing authority, persistent so they are not reliant upon the existence of any specific organization to remain useful, and verifiable so it's possible to prove control over the DID.

Distributed Systems

Instead of relying on a centralized authority for identifiers, individuals control their own DIDs, and through the use of distributed systems (specifically blockchain technology) they can prove their relationship with their DIDs through cryptographic proofs.

Because DIDs rely upon distributed systems they are more robust and are not vulnerable to the type of attacks that target centralized systems, and individuals can maintain control over their own identifiers.

Individuals can have as many DIDs as they like, for instance, they might choose to control DIDs for:

  • Authentication and identification
  • Professional qualifications
  • Social media
  • Gaming profiles
  • Finance

DIDs have been designed to include properties that can be used to identify things the DID is associated with. For instance, a DID can be linked to a Verified Credential Token (VCT) that proves the controller of the DIDs identity.

Use cases

There are more use cases than can be listed here, but here are some of the use cases where DIDs are powerful tools.

Authentication

One of the primary uses cases for decentralized IDs is for authentication across the web.

Just as our approach to digital identity has evolved over time, so too has the methods we use to authenticate ourselves online.

  1. Usernames and passwords
  2. Public/Private keys
  3. One time passwords
  4. Multi-factor authentication

In addition to these authentication methods, there is also federate identity that relies on a third parties to authenticate users and act as an identity provider.

Because DIDs can be linked to ShareRing verified credentials, they can also be used to authenticate users.

Know Your Customer

Many companies need to verify their customer's credentials, but aren't themselves identity providers and don't have the expertise or technology to manage this process. For these companies, DIDs provide that capability by linking to ShareRing Verified Credentials.

Public DID Registry

ShareLedger includes a public DID register that can be queried for the smart contracts related to individuals' ShareRing verified credentials.

Because the DID registry is public, other digital identity providers can also register DIDs that link to the smart contracts with credentials they've verified for their users.